Latest in Dns

Image credit:

Seven physical keys serve as the internet's horcrux

Sean Hollister
The internet may not have a kill switch, but there really are a set of keys, developed by ICANN in case of digital catastrophe. Seven keyholders across the world hold smart cards like the ones you see above, each with a piece of the DNSSEC's recovery key. What's that, you say? We're glad you asked -- DNSSEC's an initiative to make sure websites are who they say. To do that, it needs a way of authenticating domain names with a cryptographic master key, and a replacement copy of that key is the item these individuals are safeguarding. Even banded together, the individuals have no power over the internet at large -- the tokens simply allow the world to reboot the authentication system in case ICANN's two facilities happen to simultaneously go down. Policies and procedures dictating how this all works sadly include neither demonic keymasters nor secret societies, but you're welcome to hit up our more coverage link for the deep dive.